main/jq: security upgrade to 1.7.1

- CVE-2023-50246 - CVE-2023-50268
2026-05-05 12:26:52 +02:00 · 2023-12-14 06:31:49 +00:00 · 2023-12-14 06:31:49 +00:00 · efae5fa1bd
commit efae5fa1bd
parent 0c9562db69
1 changed files with 6 additions and 3 deletions
--- a/main/jq/APKBUILD
+++ b/main/jq/APKBUILD
@ -1,8 +1,8 @@
 # Contributor: Johannes Matheis <jomat+alpinebuild@jmt.gr>
 # Maintainer: Patrycja Rosa <alpine@ptrcnull.me>
 pkgname=jq
-pkgver=1.7
-pkgrel=2
+pkgver=1.7.1
+pkgrel=0
 pkgdesc="A lightweight and flexible command-line JSON processor"
 url="https://jqlang.github.io/jq/"
 arch="all"
@ -12,6 +12,9 @@ subpackages="$pkgname-doc $pkgname-dev"
 source="jq-$pkgver.tar.gz::https://github.com/jqlang/jq/releases/download/jq-$pkgver/jq-$pkgver.tar.gz"

 # secfixes:
+#   1.7.1-r0:
+#     - CVE-2023-50246
+#     - CVE-2023-50268
 #   1.6_rc1-r0:
 #     - CVE-2016-4074

@ -36,5 +39,5 @@ package() {
 }

 sha512sums="
-4f8a6b0401e6c881dcb97d948fe38871062599a43fff667ede21cf185ec9de33e61878f0a6ea12786d0a632eea592ea0ff860520ba02dbb32f2fa2d2b5db7a0a  jq-1.7.tar.gz
+464861fb2e0d6934b616f1dc7f8002d7dae727c8c0c07b385b813e7522ba1ada8ead4165e1d99c892e3ea76e238c55a15b718c738805419721920f88f8d8478c  jq-1.7.1.tar.gz
 "